Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
A significant security breach at cryptocurrency exchange Phemex has resulted in the theft of digital assets valued at over $85 million, marking one of the largest crypto exchange compromises in recent history. The incident, which occurred on January 23, 2025, highlights the persistent vulnerabilities in centralized cryptocurrency platforms and emphasizes the critical importance of robust … Read more
Leading graphics tablet manufacturer Wacom has disclosed a significant security breach affecting its online store’s payment processing system. The incident, which occurred between November 28, 2024, and January 8, 2025, potentially exposed customers’ payment card information to unauthorized access. The company has initiated a comprehensive investigation and is actively notifying affected customers. Breach Analysis and … Read more
The cybersecurity landscape is witnessing a significant shift as developers introduce specialized defense mechanisms against increasingly aggressive AI-powered web crawlers. These sophisticated tools aim to counter unauthorized data harvesting while protecting web infrastructure from excessive server loads caused by AI scanning operations. Revolutionary Tarpitting Technology Emerges as Primary Defense Strategy The cybersecurity community’s response to … Read more
British telecommunications provider TalkTalk has launched an extensive investigation into a significant data breach after reports emerged of customer information being offered for sale on underground hacking forums. The incident, which allegedly occurred in January 2025, has raised serious concerns about supply chain security in the telecommunications sector. A threat actor operating under the alias … Read more
Cybersecurity researchers at GreyNoise have detected widespread exploitation of a critical command injection vulnerability (CVE-2024-40891) affecting Zyxel CPE devices. This high-severity security flaw, initially discovered in summer 2023, remains unpatched, leaving thousands of devices exposed to potential attacks. Understanding the Technical Impact The vulnerability (CVE-2024-40891) enables unauthorized remote code execution through supervisor and zyuser service … Read more
Apple’s cybersecurity team has identified and patched a critical zero-day vulnerability (CVE-2024-23222) that threat actors were actively exploiting across multiple Apple operating systems. The security flaw, discovered in the Apple Core Media framework, affects a broad spectrum of devices running iOS, iPadOS, macOS, tvOS, watchOS, and the newly introduced visionOS. Understanding the Security Vulnerability The … Read more
Security researchers at Sekoia have uncovered an extensive phishing operation utilizing nearly 1,000 fraudulent websites that impersonate popular platforms Reddit and WeTransfer. The sophisticated campaign aims to distribute the dangerous Lumma stealer malware, putting users’ sensitive data at significant risk. Sophisticated Social Engineering Tactics Revealed The threat actors have deployed an intricate network of 529 … Read more
Hewlett Packard Enterprise (HPE) has confirmed a significant cybersecurity breach affecting its critical development infrastructure. The incident, claimed by the threat actor group IntelBroker, has resulted in unauthorized access to multiple corporate systems, including sensitive API interfaces and GitHub repositories, highlighting the growing sophistication of targeted attacks against major technology corporations. Breach Impact and Compromised … Read more
ESET security researchers have uncovered a sophisticated supply chain attack targeting IPany, a South Korean VPN provider, potentially compromising thousands of users’ systems. The attack, attributed to the Chinese threat actor group PlushDaemon, involved the deployment of a malicious backdoor called SlowStepper through the provider’s official installation package. Attack Vector and Malware Distribution Strategy The … Read more
Cybersecurity firm CloudSEK has uncovered a sophisticated cyber-attack campaign targeting amateur hackers through a compromised version of the XWorm RAT builder. The operation has successfully infected over 18,459 devices across multiple countries, with the highest concentration of victims in Russia, the United States, India, Ukraine, and Turkey. Distribution Strategy and Infection Mechanics The threat actors … Read more
